Exploiting Google Gemini: A New Avenue for Phishing Schemes | Information Age


Recent research reveals that Google’s Gemini for Workspace can be exploited for phishing attacks by embedding malicious instructions within emails. This vulnerability allows threat actors to manipulate Gemini’s email summarization feature, tricking it into producing deceptive summaries that appear legitimate. Specifically, attackers can hide prompts in white font, evading spam filters and leading recipients to believe they are receiving authentic messages from Google. For instance, a Gemini summary may inform users about a compromised password, urging them to call a malicious number for a reset. The exploit, termed prompt injection, highlights a significant security risk, as it does not require links or attachments and can leverage crafted HTML and CSS. Although Google has not reported active attacks, plans are underway to enhance defenses against prompt injections. Experts emphasize the need for vigilance, urging security teams to treat AI tools as potential attack vectors, ensuring robust preventive measures against emerging threats.
